- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Re: Internet Explorer display issue
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Internet Explorer display issue
I was wondering if anyone else is experiencing Internet Explorer display issues when accessing internal sites in your environment.
SmartEndpoint 77.30.03
Endpoint version 80.88
SR: 3-066195751
We have desktop shortcuts on end user PCs that access an internal site. When users click on the shortcut, an instance of internet explorer opens and the page stays blank, and in task manager reports internet explorer as not responding. Only when accessing this site through the desktop shortcut does this happen. When we shut off the sandblast threat extraction and emulation blade, we no longer see this issue. I believe it has to do with the checkpoint.sandblast add-on. When users open up an instance of internet explorer and navigate to the web page it works just fine. The only hold up is the desktop shortcut that leads directly to the site. Has anyone else experienced this? We have tried whitelisting all kinds of ways and shutting off pieces of threat extraction and emulation and it does not make a difference. We have to turn off the entire blade to get the shortcut to function properly. A chrome desktop shortcut for the same site works fine as well, but management does not want this to be used. Any advise?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This would actually required to be investigated by Check Point Support after opening a Service Request ticket with TAC. In the meantime you could add bookmarks within Internet Explorer and advice your users to use these instead of the Desktop Shortcuts. Alternatively you could replace the Desktop shortcuts with simple .bat script that opens Internet Explorer with a parameter to load up your internal site.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Right, I have a ticket open with them now but I was just wondering if any others had seen this issue in the mean time. We have it set so if they open I.E. there is a link for them to click on, but that extra click causes a lot of complaints. I will look into your other suggestion and see if its plausible for them. Thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just following up from my ticket in case others have this issue. Desktop links to internal sites are not opening properly due to the threat emulation portion of checkpoint endpoint v80.88. The dev team is currently working on a solution for our issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey, we meet again!
I'm having this issue as well!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, its very frustrating! Our users have lots of internal sites with shortcuts on their desktops so its really effecting our environment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Our IE also just kinda... freezes. (Regardless of using shortcuts.) Of course, we've created a ticket, too. It seems that once our users open task manager and do a force close on IE, the browser seems to be working properly. But, they have to do this once every single day, essentially.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Stacy,
Yeah it is the same here. With internal site desktop shortcuts that use IE it freezes and states not responding. Our ticket so far is with the dev team now. They collected a ton of logs and are reviewing our case. I'll keep you updated as to what they say. Our only go around now is to use a different browser default or open IE and then navigate to the link.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If the issue is related to the endpoint, it can be originated from one of the two:
1. Anti Exploitation
2. SBA browser extention
Start with disabling Anti Exploitation for a while, and check whether the issue reproduces.
If it doesn't, you will need to turn on Anti Exploitation again, reproduce, and create a dump to providev to R&D. TAC can help with this.
Thanks,
Gal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When you say "Anti-Exploitation" I assume you're referring to the Threat Extraction and Emulation blade, yes?
Is there an individual feature that should be adjusted?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Stacy,
There is a way to disable the sandblast extension add-ons for the web browser to test this issue that we were given. I can try and find that documentation for you that checkpoint had me complete to troubleshoot our issue. We do not have a solution yet however, just targeted down the issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I figured it had to do with the browser extension. That was the thing I had ruled out, as well. Thank you for all of your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gal,
Thank you for the advise. We have a ticket open currently with a collection of all the logs and other testing done by checkpoint. They determined it was the sandblast browser add-on and are working towards a solution for us.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My understanding is this issue was introduced sometime after E80.83.
We do plan to address it in later releases.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
All,
Just wanted to come back and give a quick update. We were given endpoint 80.90.5619 to solve the IE issues we have been experiencing and so far have seen positive results. It ended up being the sandblast browser extension that was causing us our issue. Hope this helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Wish I could say the same! Thanks, though!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Stacy, honestly a lot of our issues with IE were resolved once we updated to 80.92. Also make sure your IE settings include: internet options> Advanced tab> uncheck the box next to "enable 64-bit processes for Enhanced protected mode". That helped with the IE lockup issues we saw as well. Hope this helps!
